← Back

Legal // Cookies

Cookie Policy

Effective: June 16, 2026

1. What Are Cookies

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work, improve efficiency, and provide information to site owners.

2. Cookies We Use

Essential

  • sb-access-token / sb-refresh-token: Supabase authentication session cookies. Required for you to remain logged in. Expire with session or per Supabase policy. Cannot be disabled.
  • gk_session: Signed session identifier for inactivity timeout tracking. Expires after 24 hours. Cannot be disabled.
  • cookie-consent: Records your cookie preference (accepted/declined). Stored in localStorage. Cannot be disabled.

Analytics (Optional)

  • ph_* (PostHog): Product analytics cookies that track anonymized page views and feature usage. Set by PostHog (us.i.posthog.com). Only set if you accept analytics cookies. You can opt out at any time by declining cookies in the banner or clearing site data.

Third-Party

  • Stripe: If you visit the billing or checkout flow, Stripe may set cookies for fraud prevention and payment flow continuity. These are governed by Stripe's Privacy Policy.

3. Legal Basis

Essential cookies are necessary for the service to function (legitimate interest / contract performance). Analytics cookies require your consent (GDPR Art. 6(1)(a)), which you provide through the cookie consent banner on first visit.

4. Managing Cookies

You can control cookies through:

  • The cookie consent banner shown on first visit — click Decline to reject analytics cookies.
  • Your browser settings — most browsers let you block or delete cookies. Note that disabling essential cookies will break authentication.
  • Clearing site data in your browser's developer tools removes all stored cookies and localStorage.

5. Changes to This Policy

We will update this policy when our cookie usage changes. Material changes will be communicated via email or in-app notice.

6. Contact

Cookie questions: consulting.nextera@gmail.com